Using the encryption-settings tool - PingDirectory - 9.3

PingDirectory 9.3

PingDirectory 9.3
PingDirectory 9.3 (Latest)

The encryption-settings tool provides a mechanism for interacting with the server's encryption settings database.

Use the encryption-settings tool to:

  • List the available encryption settings definitions.
  • Create new encryption settings definitions.
  • Delete existing encryption settings definitions.
  • Indicate which encryption settings definition is the preferred definition.
  • Export encryption settings definitions to a file for backup purposes and to allow them to be imported for use in other PingDirectory server instances.
  • Enable and disable data encryption restrictions for the server and list active restrictions.
  • Freeze or unfreeze the encryption settings database.
  • Supply the passphrase for the Wait for Passphrase cipher stream provider to unlock the encryption settings database.
To display the set of available encryption settings definitions, use the encryption-settings tool with the list subcommand.

This subcommand does not take any arguments.

$ bin/encryption-settings list

For each definition, the result includes:

  • The unique identifier for the definition
  • Whether the definition is the preferred definition
  • The cipher transformation and key length that are used for encryption
Encryption Settings Definition ID: 4D86C7922F71BB57B8B5695D2993059A26B8FC01
Preferred for New Encryption: false 
Cipher Transformation: DESede 
Key Length (bits): 192

Encryption Settings Definition ID: F635E109A8549651025D01D9A6A90F7C9017C66D 
Preferred for New Encryption: true 
Cipher Transformation: AES 
Key Length (bits): 128